Security

All data transmitted between your browser and SiteSafe is encrypted using TLS 1.3 (HTTPS). Our database, hosted on Neon, encrypts data at rest and is accessible only through secure, authenticated connections.

SiteSafe is hosted on Vercel, which provides DDoS protection, a global CDN, and automatic security updates. Our database runs on Neon, a serverless PostgreSQL platform with built‑in failover and daily backups.

We comply with the EU General Data Protection Regulation (GDPR) and Brazil's Lei Geral de Proteção de Dados (LGPD). We only collect the data necessary to provide the service, and you can request deletion of your data at any time by contacting us.

All payments are handled by Stripe, a PCI DSS Level 1 certified payment processor. SiteSafe never stores or processes your credit card details directly.

SiteSafe uses only a single essential cookie for authentication. We do not use advertising cookies, analytics trackers, or any third‑party tracking scripts.

API access is secured with per‑company Bearer tokens generated from your Settings page. Keys are hashed before storage and can be rotated at any time. Rate limiting is enforced on public endpoints to prevent abuse.